DenySSH is a Ruby application that monitors the auth log of a BSD system for failed SSH login attempts and adds repeat attackers to a Packet Filter table, allowing you to define PF rules to block the attacking hosts or redirect them to a honeypot for your amusement.

There are already a few excellent tools that do almost the same thing, but none of them use PF to block attackers, which makes them less useful to someone like me. Thus, I wrote this.

It's not quite finished yet (I still need to write some documentation), but I've been using it on my servers for several months now and it works well. If you'd like to try it out, you can grab it from the Subversion repository.